openSUSE Security Update : gsoap (openSUSE-2017-842)

Medium Nessus Plugin ID 102011


The remote openSUSE host is missing a security update.


This update for gsoap fixes the following security issue :

- CVE-2017-9765: A remote attacker may have triggered a buffer overflow to cause a server crash (denial of service) after sending 2GB of a specially crafted XML message, or possibly have unspecified futher impact.


Update the affected gsoap packages.

See Also

Plugin Details

Severity: Medium

ID: 102011

File Name: openSUSE-2017-842.nasl

Version: $Revision: 3.3 $

Type: local

Agent: unix

Published: 2017/07/27

Modified: 2018/01/26

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P


Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:gsoap-debugsource, p-cpe:/a:novell:opensuse:gsoap-devel, p-cpe:/a:novell:opensuse:gsoap-devel-debuginfo, p-cpe:/a:novell:opensuse:libgsoap-2_8_33, p-cpe:/a:novell:opensuse:libgsoap-2_8_33-debuginfo, p-cpe:/a:novell:opensuse:libgsoap-2_8_46, p-cpe:/a:novell:opensuse:libgsoap-2_8_46-debuginfo, cpe:/o:novell:opensuse:42.2, cpe:/o:novell:opensuse:42.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2017/07/25

Reference Information

CVE: CVE-2017-9765